package com.zerox.springsecuritydemo329.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller
public class TestController {

    @GetMapping("/hello")
    @ResponseBody
    public String hello(){
        return "hello spring security";
    }

    @GetMapping("/hi")
    @ResponseBody
    @PreAuthorize("hasAnyAuthority('hi')")
    public String hi(){
        return "需要权限才能启动";
    }

    @GetMapping("/list")
    @ResponseBody
    @PreAuthorize("hasAnyAuthority('sys:book:list')")
    public String list(){
        return "列表功能";
    }

    @GetMapping("/delete")
    @ResponseBody
    @PreAuthorize("hasAnyAuthority('sys:book:delete')")
    public String delete(){
        return "删除功能";
    }
}
